The Design and Analysis of Secure Communication Protocols for the Computer Network

• Main Authors: Wang, Chih-Hung, 王智弘
• Other Authors: Hwang Tzonelih
• Format: Others
• Language: zh-TW
• Published: 1998
• Online Access: http://ndltd.ncl.edu.tw/handle/40060635925750375201

博士 === 國立成功大學 === 資訊工程學系 === 86 === As computer networks prevail, communications between people are becomingmore convenient than ever. With the progress of National InformationInfrastructure (NII), many innovative applications, such as internetshopping, teleconference, distance learning , remote medical service, etc.,have been constructed and many more are also on the way. We actually benefits from these applications in daily life. However, the security problems in the network, e.g., eavesdropping, tampering and impersonation, should be carefully considered. An intruder can easily manipulate important information and eventually the society will suffer a lot if communications over the networks fail to follow well-designed secure protocols. Identification and key distribution have been the two fundamental issues of secure communications. When a user wants to login to the server or require the server to provide some services, the server must verify the user''s identity. The purpose of identification is to protect the right of legal user and guard against the impersonation attacks. Previously, the password technology was very popular. Nowadays, many new techniques such as IC card, fingerprint, retinal analysis and human identification, have been proposed to enhance the efficiency and security of the systems. In addition, creating a secure channel in the open network requires the key distribution procedure. Therefore, designing an efficient and practical key distribution protocol between two persons or groups, or in a conference, is critical. This dissertation is divided into three parts: (a) the communication security in personal communication, (b) the communication security in group-oriented communication, and (c) the communication security in teleconferencing. In (a), we study the "Human Identification ", which is a scheme that the computational complexity of the identification process for the end user is bounded to the human''s ability. Such scheme has to protect against the "replay attack" and "peeping attack". Here, we have investigated the securityof human identification scheme and proposed several attacks on it. In addition, we have analyzed the key distribution scheme with "multiple authentication servers", which was designed by Gong in 1993. A modified scheme have been proposed to increase the performance. In (b), we try to propose a new group-oriented cryptosystem and a modified DSS threshold signature scheme. The former uses the key exchange protocol of Diffie-Hellman to reduce the cost of transmissions and computations. The latter modifies Langford''s threshold DSS signature scheme to reduce the number of signers. In addition, for the purpose of message authentication within a group, we propose an unconditionally secure authentication scheme suitable for multi-senders. By means of our key distribution/management strategy, this proposed scheme significantly reduces the size of evidence and the number of enciphering keys. In (c), we propose a cryptanalysis of Wu and Yeh''s conference key distribution system (CKDS). Then, we discuss two problems of Chen-Hwang''s CKDS and propose a functionally equivalent scheme to avoid these problems.Moreover, for the sake of practicability, we extend the modified Chen- Hwang''s scheme to have the property of attendance control. Finally, we propose a receipt-free voting scheme for the purpose of resolving process in a conference. Most existing electronic voting protocols provide each voter a receipt that permits a check as to whether his vote was counted. With this receipt, however, each voter can prove his voting choice and thus provides an opportunity for a malicious user (a briber) to buy the votes. To solve this problem, one has to use a receipt-free voting scheme. To summarize this dissertation, we have investigated in depth on many critical issues of communication protocols and proposed some topics for further research.